Computers Are Programmed By People Not Magic

from the trust-but-verify dept

Ben Adida has a great post discussing the misplaced faith people often have in the machines in their lives, and the way that faith often spills over to e-voting. He mentions a scene in the 2006 HBO documentary on e-voting where an election official breaks down in tears when someone shows her how her voting machines could be hacked. For computer programmers, who are intimately familiar with what goes on under the hood, the idea that we should automatically trust anything a machine tells us is a little bit ridiculous. We're aware that computers are extremely complex devices that can go wrong in any number of ways, that they're designed by fallible human beings, and that it requires a lot of very careful engineering to make sure they're secure and reliable. We recognize, in particular, that the more complex a system is, the more likely it is to have problems, and so the more skeptical we should be of its results. It's not a coincidence that $5 pocket calculators tend to work flawlessly, while complex systems like Excel and the Pentium chip sometimes make basic arithmetic errors: the greater complexity increases the number of ways things can go wrong.

But a lot of non-technical folks seem to view things the other way around. Last week, for example, I noted a Chicago law professor who thinks that "the future is surely with the touch-screen or some other form of online voting." The problem with this statement is that if our goal is security and reliability, which it should be, the added complexity of computers and touchscreens is a big disadvantage. But this isn't obvious if you've never looked under the hood to appreciate all the things that could go wrong. Computers are not magical boxes that always produce the correct answer, but unfortunately, a lot of people seem to think that they are.

cardboard box full of votes

is what we used to have and that seemed Ok... recounts took forever... but were possible... and that seems to be about as technologically advanced as the vote should be... from the way it looks from here.

Another overlooked computing artifact...

Computer Science and Computing Systems Engineering seldom get recognized for being one of the few disciplines that feature "Zero Tolerance" structuring.

In other engineering disciplines, you get tolerances. A part a few millimeters or thousandths out of exact specification either way but still within tolerance and the widget still works. In computing systems, everything has to be working 100% perfectly or the whole thing usually grinds to a halt.

Re: Another overlooked computing artifact...

"In computing systems, everything has to be working 100% perfectly or the whole thing usually grinds to a halt."

That is not entirely correct.
Many fault tolerant systems are in use today. These are usually employed by those who require high reliability numbers (five nines). The cost is very high and therefore avoided when possible.

Artifacts everywhere. Pulling them together is the

The problem with e-voting is that it seems to be spearheaded by companies that adhere to computing as it was in the 1970s, an inherently closed and proprietary consortium of ATM Manufacturers.

If eVoting has a chance in hell, it would need to be led by a group effort of bleeding edge companies such as Sun, Google, Oracle and Microsoft to consider an alliance to bring their real world experience to the table to create open standards, (which includes a paper trail!!).

No system is perfect. Deal with it. The minute you think you have the answer, someone like Ed will prove you wrong. The best you can do is bring in a technologist like Ed and try to account for everything you possibly can. Bring a solution to market that has the seal of approval of an entire industry.

The thing is that I don't think that reliable electronic voting machines are infeasible or even particularly difficult or complicated for that matter.

It's gotta be based on openness and accountability as basically every security expert that isn't an employee of one of these e-voting system sellers has opined.

I dunno, I guess people don't want to accept that e-voting isn't a drop-in solution, but one that's going to require some basic changes to the way people think about how you vote (durrr, like every other thing technology has touched).

Why is the touch screen better than paper?

Why is the focus on the UI rather than other aspects that computers can assist with, such as improving the counting speed of votes and reporting them to a central location?

Is it really so difficult for people to pick up a pencil and place a mark on a piece of paper? What are the real advantages in replacing this with a touch-sensitive illuminated display? (Keeping the paper enables an audit trail, and helps address part of the security issue in e-voting)

So combine the Hi-Tech with the Lo-Tech

Said it before, on this website even. The "best" solution is to combine the systems.

Touch Screens and E-Voting have their graces. It's easier to use (just click the picture of the candidate is a possibility) and faster to count.

My suggestion:

- Voters use a Touch Screen to place their votes.
- The Voting Machine fills in the dot/punches the hole.
- When you are done with the Touch Screen the Voting Machine spits out your "Scantron" type card.
- You now have a piece of paper and can double check to make sure it's what you voted. You could even have a "Validation" screen where you just put the paper up to the screen and as long as all you see is green everything is fine, though that's less secure than manually doing it.
- You put the Voting Card into the Counting Machine.

You still have to worry about the security of the Counting Machine and Voting Machine and validate their software (which means you damn well share the source code at least with the State Government, if not also the Federal).

The major difference, you now have a paper trail. And you can store that stuff at the State Capital until the next election, where it won't matter anymore.

And again, they need to throw up some REAL security. And because this is _not_ a consumer or business item, but one that has far reaching consequences you can't claim people can't look at your stuff.

The State Government (and Federal Government) should BOTH have to certify the machines themselves. With the full source code made available.
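
An added illustration, not part of the comment above or of any voting system's code: one standard way to use the paper cards to check the Counting Machine is a ballot-polling risk-limiting audit (the BRAVO test), which goes beyond the full recount mentioned in this thread by hand-checking only a random sample of cards. The function names, the two-candidate contest and the sample box of cards are assumptions made for the example.

```python
import random

def draw_cards(box, n, seed):
    """Draw n paper cards uniformly with replacement.
    Assumption: the seed comes from a public ceremony (e.g. dice rolls)."""
    return random.Random(seed).choices(box, k=n)

def ballot_polling_audit(winner, loser, reported_share, drawn_cards,
                         risk_limit=0.05):
    """Two-candidate BRAVO-style sequential test on hand-read paper cards.

    reported_share: the winner's share of valid votes according to the
    Counting Machine. If the machine's winner is actually wrong, the chance
    of returning confirmed=True is at most risk_limit.
    Returns (confirmed, cards_examined)."""
    if not 0.5 < reported_share < 1.0:
        raise ValueError("reported winner share must be between 0.5 and 1")
    threshold = 1.0 / risk_limit
    ratio = 1.0  # likelihood ratio: reported result vs. an exact tie
    for examined, card in enumerate(drawn_cards, start=1):
        if card == winner:
            ratio *= reported_share / 0.5
        elif card == loser:
            ratio *= (1.0 - reported_share) / 0.5
        # blank or spoiled cards carry no evidence either way
        if ratio >= threshold:
            return True, examined
    # Sample exhausted without enough evidence: escalate to a full hand count.
    return False, len(drawn_cards)

if __name__ == "__main__":
    # Constructed data: a box of 1000 cards, machine reports 60% for "A".
    box = ["A"] * 600 + ["B"] * 400
    sample = draw_cards(box, 200, seed=20240101)
    print(ballot_polling_audit("A", "B", 0.60, sample))
```

The audit trusts only the paper: the machine's reported share sets how much evidence each card contributes, but a wrong report cannot make the sample agree with it.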

Re:

Re: Another overlooked computing artifact...

You are completely wrong.

Do you know how many flaws there are in shipped software? A lot of the time they don't cause problems often enough to worry about and aren't worth fixing. Sometimes they're just too complex to comprehend and the flaws are just going to have to be there because nobody has the time or intelligence to find and fix them all. Software only has to run well enough, enough of the time for us to forgive them. Oftentimes the software can survive all sorts of flaws and continue chugging away. In fact there is a whole art to swallowing software errors and trying to survive. You don't make it perfect--you just handle your imperfections.

Actually, programmers are chewed out all the time for doing things way sloppier than other kinds of engineers could. I think it is great that we don't need to be 99.9999% accurate.

It ain't rocket science it's a voting machine.

and it is not trivial but it is a very solvable problem. No system will ever be infallible, just like the mechanical voting machines that used to be used are fallible, and paper ballots can stick to the sides of ballot boxes or get lost or get altered, and punch cards can have chads hanging.

Bottom line is the touch screen or UI elements don't need to be highly reliable/secure, if they break, that can be designed to not impact tabulation integrity. A small subset of the functionality can be made highly reliable and secure and a paper (or mag tape or optical disk) audit trail can be part of that system.

The problem is when a bureaucracy goes out to procure a system like this, they haven't a clue as to how to frame the solicitation and always award based upon cost first and foremost. And at the very best, you get what you pay for, seldom more and often much less.

Re: Artifacts everywhere. Pulling them together is

"If eVoting has a chance in hell, it would need to be led by a group effort of bleeding edge companies such as Sun, Google, Oracle and Microsoft to consider an alliance to bring their real world experience to the table to create open standards..."

Damn Chef, give a guy a warning before you say outrageously funny stuff like that. I just shot hot coffee through my nose and all over my keyboard. I don't care about the laptop but I just achieved the perfect gnome setup.

Re: Re: Another overlooked computing artifact...

"Actually, programmers are chewed out all the time for doing things way sloppier than other kinds of engineers could. I think it is great that we don't need to be 99.9999% accurate."

Is this the attitude that led to several probes crashing into Mars?

Sure voting machines are not rocket science, however - would you be ok with one out of every hundred votes being recorded incorrectly? What about one out of every thousand?
Where do you draw the line?

Oh, and this is priceless:
"Sometimes they're just too complex to comprehend and the flaws are just going to have to be there because nobody has the time or intelligence to find and fix them all."

What about a huge wall of light up squares, millions of them, and all voters had to do was press one of the squares under the name they wanted to vote for.

Armed guards would shoot on sight anyone who tried to press more than one square. The guards would be from several different religious and political backgrounds, as well as being from different companies.

Bullshit

What is the complexity in Creating a client machine that sends Requests, and a server that receives requests and sends back an Acknowledgement????

It seems to me to be the most BASIC kind of Client-server relation!! Am I wrong??
I worked in designing Kiosks almost 7 years ago that did the same thing using Java and it worked flawlessly! Doesn't Amazon's website do hundreds of thousands of transactions a week?? Possibly even in a day?
Wouldn't anyone here with any idea about business systems say that Amazon's website is 10X more complex than a simple e-Voting machine??? What's the complexity? Amazon does more traffic in a week than a "Florida" voting machine will do in a month (assuming the people will vote every day for a whole month.. very unlikely)! So what is the complexity here?

It seems to me that there should be at least ONE company out there who could have built this system properly, tested it out and had rolled out by now??
Maybe I should submit a proposal??

Re: Another overlooked computing artifact...

Computer Science and Computing Systems Engineering seldom get recognized for being one of the few disciplines that feature "Zero Tolerance" structuring.

In other engineering disciplines, you get tolerances. A part a few millimeters or thousandths out of exact specification either way but still within tolerance and the widget still works. In computing systems, everything has to be working 100% perfectly or the whole thing usually grinds to a halt.

You've obviously not been through a regular engineering program. In my electrical engineering classes we were not allowed ANY defects in our software projects. When it came time to grade our programs the tester would first try everything they could think of to cause the program to crash by entering invalid data. If this caused the program to crash or otherwise behave improperly then the student got an automatic "F" on the project. Period. Similarly, if the program produced erroneous output for any reason then the student got an "F" on it. That was because that kind of sloppy coding was considered to be unprofessional for an engineer (even as a student). Then if the program passed all that, it was graded on how well it performed, how well structured it was, the documentation and so forth. "Bloat" was a good way to lose points.

Contrast this with the products from Microsoft where unchecked-buffer-overflow vulnerabilities (and other sloppy programming practices) seem to be guaranteed. I just have to shake my head when they want to call themselves engineers.

Not fair, says I!

Don't go around thinking that engineers are somehow held to lower standards. Judging from what I've seen, the opposite is probably true.

Human Nature

But a lot of non-technical folks seem to view things the other way around.

That's human nature. Let me explain: To a lot of people, the technology behind e-voting machines (and computers in general) is unfathomable. Now humans have a long history of elevating things that they don't understand to the status of "god" instead of admitting ignorance. So many people who don't understand these machines follow their nature and resort to considering the machines to be god-like and infallible. Of course there are always "priests" for any religion and in the case of e-voting machines the priests are the makers of the machines. They go around promoting their god as infallible while at the same time trying to keep anyone from looking behind the curtain.

Dependencies

Dependencies and lack of awareness/knowledge of the environment is the cause of software's valid lack of merchantability. This is the valid explanation why bugs can exist. A developer codes based on assumptions of their environment, and MS or some third party makes a change, or has undocumented parameters which causes a bug. Hence why calculators and consoles are more stable since there are considerably fewer changes occurring on the resources that software is dependent on.

This is why standards are so important, and why open source solutions are looked at so favorably by reasonable people.

However, there's a lot of sloppy code hiding behind the interdependency aspect of software/hardware. Which I feel is inexcusable, since syntax and poorly developed code is easily avoidable however it may not be profitable in the short term.

Another common cause of bugs is multiple developers making changes independently of others, i.e. no source/change control process. This also falls into the sloppy category and is inexcusable.

So for me, the only valid bugs are those caused by dependency issues, since there is no effective way to predict the future. Sloppy coding just like misspellings in a book is sometimes unavoidable however significant bugs should be addressed.

Computers, computers...

With computers taking over our lives, this belief will only get worse. With the new web 2.0 designs moving over to phone and computer designs, people will forget how complex these machines really are.

Even most programmers don't understand how complex these machines are, as they only program in C/C++, PHP, HTML, etc. which are easy to understand/follow. Since I like programming, I want to learn how a computer REALLY works. So, I am working on making a 4 bit computer!